SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:0915-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0915-1 advisory. Update to LTS branch 2.7 jscPED-14342: - CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallba...

Security update for 389-ds

This update for 389-ds fixes the following issues: Update to LTS branch 2.7 jscPED-14342: CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Bug fixes: Resolve python build error that caused lib389 to be missing some librarie...

SUSE-SU-2026:0915-1 Security update for 389-ds

This update for 389-ds fixes the following issues: Update to LTS branch 2.7 jscPED-14342: - CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Bug fixes: - Resolve python build error that caused lib389 to be missing some...

CVE-2024-20456

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system...

Oracle Linux 7 / 8 / 9 : linux-firmware (ELSA-2024-12797)

The remote Oracle Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12797 advisory. 20241003-999.35.git95bfe086.el8 - Rebase to latest upstream Orabug: 37132142 - Fix build error in ol7 due to linking in copy-firmware.sh Orabu...

linux-firmware security update

20241003-999.35.git95bfe086.el8 - Rebase to latest upstream Orabug: 37132142 - Fix build error in ol7 due to linking in copy-firmware.sh Orabug: 37132515 - Bring back drirectory structure qcom/sc8280xp Orabug: 37132142...

UBUNTU-CVE-2022-48889

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof-nau8825: fix module alias overflow The maximum name length for a platformdeviceid entry is 20 characters including the trailing NUL byte. The sofnau8825.c file exceeds that, which causes an obscure error message:...

CVE-2024-20456

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system...

PT-2024-13553 · Quickjs +2 · Quickjs +2

Name of the Vulnerable Software and Affected Versions: QuickJS versions prior to c4cdd61 Description: The issue is caused by a NULL pointer dereference due to an erroneous lexical scope of this with eval, leading to a build for in iterator error. Recommendations: For versions prior to c4cdd61,...

SUSE CVE-2024-26710

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

DEBIAN-CVE-2024-26710

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

SUSE CVE-2023-4015

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nftimmediatedeactivate can lead unbinding the chain and objects be deactivate...

Security update for go1.16 (moderate)

openSUSE Security Update: Security update for go1.16 Announcement ID: openSUSE-SU-2021:1199-1 Rating: moderate References: 1182345 1189162 Cross-References: CVE-2021-36221 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available.Description...

SUSE-SU-2021:2788-1 Security update for go1.16

This update for go1.16 fixes the following issues: Update to go1.16.7: - go47473 net/http: panic due to racy read of persistConn after handler panic CVE-2021-36221 bsc1189162 - go47348 cmd/go: 'go list -f '.Stale'' stack overflow with cyclic imports - go47332 time: Timer reset broken under heavy...

UBUNTU-CVE-2021-28831

decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

SUSE SLED15 / SLES15 Security Update : zstd (SUSE-SU-2020:1396-2)

This update for zstd fixes the following issues : Fix for build error caused by wrong static libraries. bsc1133297 Correction in spec file marking the license as documentation. bsc1082318 Add new package for SLE-15. jscECO-1886 Note that Tenable Network Security has extracted the preceding...

SUSE-SU-2020:1396-1 Security update for zstd

This update for zstd fixes the following issues: - Fix for build error caused by wrong static libraries. bsc1133297 - Correction in spec file marking the license as documentation. bsc1082318 - Add new package for SLE-15. jscECO-1886...

SUSE-SU-2020:1396-3 Security update for zstd

This update for zstd fixes the following issues: - Fix for build error caused by wrong static libraries. bsc1133297 - Correction in spec file marking the license as documentation. bsc1082318 - Add new package for SLE-15. jscECO-1886...

SUSE-SU-2020:1396-2 Security update for zstd

This update for zstd fixes the following issues: - Fix for build error caused by wrong static libraries. bsc1133297 - Correction in spec file marking the license as documentation. bsc1082318 - Add new package for SLE-15. jscECO-1886...

SUSE SLED15 / SLES15 Security Update : zstd (SUSE-SU-2020:1396-1)

This update for zstd fixes the following issues : Fix for build error caused by wrong static libraries. bsc1133297 Correction in spec file marking the license as documentation. bsc1082318 Add new package for SLE-15. jscECO-1886 Note that Tenable Network Security has extracted the preceding...